Axonius Documentation

    FortiSASE

    FortiSASE is a secure access service edge platform that provides network security, secure web gateway, zero trust access, and traffic inspection for distributed users and devices.

    Use Cases the Adapter Solves

    • Monitor VPN User Activity: Track active VPN sessions and user connectivity patterns to ensure secure remote access and identify unauthorized usage.
    • Identify Remote User Locations: Gain visibility into the geographic regions where users are connecting from to support compliance requirements and security policies.

    Asset Types Fetched

    • Users

    Data Retrieved through the Adapter

    Users - Fields such as Username, Session ID, Region, Remote Host.

    Before You Begin

    Required Ports

    • TCP port 443 (HTTPS)

    Authentication Methods

    Username and Password Authentication

    APIs

    Axonius uses the FortiSASE API. The following endpoints are called:

    • POST https://customerapiauth.fortinet.com/api/v1/oauth/token/
    • GET {domain}/monitor-api/v1/user/vpn/sessions

    For complete API documentation, see the FortiSASE REST API reference on the Fortinet Developer Network.

    Required Permissions

    The following permissions are required:

    • The API User must be assigned a profile where FortiSASE is explicitly set to Read/Write or Read Only
    • The API User must be authorized for the specific Account ID or OU where the SASE instance resides.

    Supported From Version

    Supported from Axonius version 8.0.23

    Connecting the Adapter in Axonius

    Navigate to the Adapters page, search for FortiSASE, and click on the adapter tile.

    Click Add Connection.

    To connect the adapter in Axonius, provide the following parameters:

    Required Parameters

    1. Host Name or IP Address - Base domain for the API. Must include the http:// or https:// prefix. Do not add any specific endpoints after the domain. Example: https://your-instance.fortisase.com/
    2. User Name - The username for authenticating to FortiSASE. Example: [email protected]
    3. Password - The password associated with the user account.

    Optional Parameters

    1. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.
    2. HTTPS Proxy - Connect the adapter to a proxy instead of directly connecting it to the domain.
    3. HTTPS Proxy User Name - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.
    4. HTTPS Proxy Password - The password to use when connecting to the server using the HTTPS Proxy.

    To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

    Updated 22 days ago